https://twitter.com/mojoesec
https://twitter.com/mojoesec/status/1660735789427314690
https://twitter.com/mojoesec/status/1660630643452133376
https://twitter.com/mojoesec/status/1653443385200455681
https://twitter.com/mojoesec/status/1648768940472950843
https://twitter.com/mojoesec/status/1632738708196556801
https://twitter.com/mojoesec/status/1623779980705398788
https://twitter.com/mojoesec/status/1622786965270671362
https://twitter.com/mojoesec/status/1612438841859653632
https://twitter.com/mojoesec/status/1609386514353459200
https://twitter.com/mojoesec/status/1599854170692935680
https://twitter.com/mojoesec/status/1598415404036128769
https://twitter.com/mojoesec/status/1598378610825609216
https://twitter.com/mojoesec/status/1597225116697759745
https://twitter.com/mojoesec/status/1593401284266266631
https://twitter.com/mojoesec/status/1592146737720102913
https://twitter.com/mojoesec/status/1590380057180409856
https://twitter.com/mojoesec/status/1587616352700874752
https://twitter.com/mojoesec/status/1587066429953970178
https://twitter.com/mojoesec/status/1574594904483065856
https://twitter.com/mojoesec/status/1569294522584076289
https://twitter.com/mojoesec/status/1565704020190273537
https://twitter.com/mojoesec/status/1561805273651617793
https://twitter.com/mojoesec/status/1559631413376335874
https://twitter.com/mojoesec/status/1558181485345181696
https://twitter.com/mojoesec/status/1557767047618215936
https://twitter.com/mojoesec/status/1556609038007369733
https://twitter.com/mojoesec/status/1555567458018263040
https://twitter.com/mojoesec/status/1555197269372182530
https://twitter.com/mojoesec/status/1550211160397565954
https://twitter.com/mojoesec/status/1549938057549324291
https://twitter.com/mojoesec/status/1549370860527669248
https://twitter.com/mojoesec/status/1546539671353696256
https://twitter.com/mojoesec/status/1542975464813232128
https://twitter.com/mojoesec/status/1542692246968999937
https://t.co/tqbWzDbKow
https://blog.group-ib.com/blackcat
https://twitter.com/mojoesec/status/1536532142947278854
https://t.co/PrRkvADiAW
https://abuse.ch/blog/introducing-yaraify/
https://twitter.com/mojoesec/status/1535752319790350336
https://twitter.com/mojoesec/status/1533872030872911875
https://twitter.com/mojoesec/status/1532544980010549251
https://twitter.com/mojoesec/status/1530166834728554496
https://t.co/sqLfQK7vux
https://www.virustotal.com/gui/ip-address/94.140.115.156/relations
https://twitter.com/mojoesec/status/1530166268388683778
https://t.co/h0AzwAKuBP
https://www.virustotal.com/gui/ip-address/64.227.182.2/relations
https://twitter.com/mojoesec/status/1526613714438332416
https://twitter.com/mojoesec/status/1526176183125258243
https://twitter.com/mojoesec/status/1523853452203503616
https://twitter.com/mojoesec/status/1523852029814312960
https://twitter.com/mojoesec/status/1522776549610635266
https://twitter.com/mojoesec/status/1521304590079172608
https://twitter.com/mojoesec/status/1518770315920347136
https://twitter.com/mojoesec/status/1516869321267589121
https://twitter.com/mojoesec/status/1516606636131074053
https://twitter.com/mojoesec/status/1514791352998903814
https://twitter.com/mojoesec/status/1514311368425586688
https://twitter.com/mojoesec/status/1511065304994095105
https://t.co/HZlyGg2q3M
https://www.mandiant.com/resources/evolution-of-fin7
https://twitter.com/mojoesec/status/1510986635390898181
https://twitter.com/mojoesec/status/1509850899228897284
https://twitter.com/mojoesec/status/1508849539159146508
https://twitter.com/mojoesec/status/1506991537548312584
https://twitter.com/mojoesec/status/1506825868177555456
https://twitter.com/mojoesec/status/1506720631202713602
https://twitter.com/mojoesec/status/1506364666208997378
https://twitter.com/mojoesec/status/1506228457340121092
https://t.co/coUDJ7kCbI
https://www.virustotal.com/gui/domain/gravyblicus.com/detection
https://twitter.com/mojoesec/status/1506089337666031618
https://twitter.com/mojoesec/status/1506088635308941318
https://twitter.com/mojoesec/status/1505976131786362888
https://twitter.com/mojoesec/status/1505976103936081921
https://twitter.com/mojoesec/status/1505962720029511681
https://t.co/9O7RtcMBtP
https://www.virustotal.com/gui/domain/shiptlocal.com
https://twitter.com/mojoesec/status/1505921922026115076
https://t.co/WHvSs4KFLP
https://twitter.com/kyleehmke/status/1499804941732491270
https://twitter.com/mojoesec/status/1504284295229231110
https://twitter.com/mojoesec/status/1503551460872790023
https://twitter.com/mojoesec/status/1503167328195956737
https://twitter.com/mojoesec/status/1501666378792718342
https://t.co/1WxVa4scaG
https://t.co/dV31kIYlau
https://urlscan.io/result/c11d2a29-7c28-4bb2-8e41-30976585d3a3/
https://urlscan.io/result/06dc85bd-d03f-4f1c-83fa-84af114be6cb/
https://twitter.com/mojoesec/status/1501618862642638855
https://twitter.com/mojoesec/status/1501607489867063307
https://twitter.com/mojoesec/status/1500879551945232385
https://twitter.com/mojoesec/status/1500869565231812620
https://t.co/G5cW8voj3m
https://www.virustotal.com/gui/domain/klycnmik.com/relations
https://twitter.com/mojoesec/status/1499961344799481857
https://twitter.com/mojoesec/status/1499491602422767618
https://twitter.com/mojoesec/status/1499227571871002625
https://twitter.com/mojoesec/status/1498675315551449094
https://twitter.com/mojoesec/status/1497058154781282306
https://twitter.com/mojoesec/status/1496588598203854854
https://twitter.com/mojoesec/status/1495778232167276562
https://twitter.com/mojoesec/status/1493989849891758084
https://twitter.com/mojoesec/status/1493781626349756419
https://twitter.com/mojoesec/status/1493681487249555458
https://twitter.com/mojoesec/status/1486174694579576832
https://twitter.com/mojoesec/status/1486117110929575938
https://twitter.com/mojoesec/status/1485800769823596551
https://twitter.com/mojoesec/status/1485800655583330304
https://twitter.com/mojoesec/status/1484731079013580802
https://twitter.com/mojoesec/status/1483907433911230464
https://t.co/V0vDv5OHNM
https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike/
https://twitter.com/mojoesec/status/1483636524415598593
https://twitter.com/mojoesec/status/1483471457346854912
https://twitter.com/mojoesec/status/1481097845893644290
https://twitter.com/mojoesec/status/1479491219956899850
https://twitter.com/mojoesec/status/1475881669789945859
https://twitter.com/mojoesec/status/1473851247765733381
https://twitter.com/mojoesec/status/1473490100826918912
https://twitter.com/mojoesec/status/1470586781926105090
https://twitter.com/mojoesec/status/1470584758300286979
https://twitter.com/mojoesec/status/1470466742321307659
https://twitter.com/mojoesec/status/1470227038569209859
https://twitter.com/mojoesec/status/1470226353807056900
https://twitter.com/mojoesec/status/1469871294057488385
https://twitter.com/mojoesec/status/1469515227486113795
https://twitter.com/mojoesec/status/1468410680336388098
https://twitter.com/mojoesec/status/1468410372415803395
https://twitter.com/mojoesec/status/1467188591575150600
https://t.co/YkCqxgwEtx
https://github.com/CronUp/Malware-IOCs/blob/main/2021-12-04_Hancitor_LIVE_C2s
https://twitter.com/mojoesec/status/1465424616793550850
https://twitter.com/mojoesec/status/1465380753433374722
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1465379020661575682
https://twitter.com/mojoesec/status/1460712714683265025
https://twitter.com/mojoesec/status/1460695352319877124
https://twitter.com/mojoesec/status/1460693395781918722
https://twitter.com/mojoesec/status/1460437576519766016
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1460435656484835334
https://twitter.com/mojoesec/status/1459359410359263234
https://t.co/wK2wH5Mso1
https://lots-project.com
https://twitter.com/mojoesec/status/1458537885351784452
https://twitter.com/mojoesec/status/1457916694349991940
https://twitter.com/mojoesec/status/1457906033557446659
https://twitter.com/mojoesec/status/1457904562329772035
https://twitter.com/mojoesec/status/1457754921546227717
https://twitter.com/mojoesec/status/1457749781233688588
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1457701348435189761
https://t.co/NZrfN8leU1
https://www.shodan.io/search?query=product%3A%22Cobalt%20Strike%20Beacon%22
https://twitter.com/mojoesec/status/1456667664387092488
https://twitter.com/mojoesec/status/1456552390199496706
https://t.co/Q0HtKH8WeQ
https://github.com/CronUp/CobaltStrike_Beacons/blob/main/CS_173.234.155.0-255_Ransomware_20211104
https://twitter.com/mojoesec/status/1456349893828784128
https://twitter.com/mojoesec/status/1455349066309701638
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1455247571170041858
https://twitter.com/mojoesec/status/1455240516946350091
https://twitter.com/mojoesec/status/1455221067384033281
https://twitter.com/mojoesec/status/1453449221206683656
https://twitter.com/mojoesec/status/1453449153426640904
https://twitter.com/mojoesec/status/1453040708366086150
https://twitter.com/mojoesec/status/1453040284686770185
https://twitter.com/mojoesec/status/1451639483028410372
https://twitter.com/mojoesec/status/1450550237622329353
https://twitter.com/mojoesec/status/1450500643798519809
https://twitter.com/mojoesec/status/1450173258406498309
https://twitter.com/mojoesec/status/1450160161939730438
https://twitter.com/mojoesec/status/1450116775966879756
https://twitter.com/mojoesec/status/1449068487297622018
https://twitter.com/mojoesec/status/1448372740105383941
https://twitter.com/mojoesec/status/1448101094534656005
https://t.co/v2gmWXp5CO
https://www.mandiant.com/resources/defining-cobalt-strike-components
https://twitter.com/mojoesec/status/1448041030184587271
https://t.co/21G602o0qC
https://bazaar.abuse.ch/sample/7120308692d2e71147ed246ed33ac3cd814ca38ec9c604d25a5a61adfdef33f8/
https://twitter.com/mojoesec/status/1448015584889872394
https://twitter.com/mojoesec/status/1447638490401890310
https://twitter.com/mojoesec/status/1447638107512266766
https://twitter.com/mojoesec/status/1447625228398510082
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1446526387024769034
https://twitter.com/mojoesec/status/1446524844292677678
https://twitter.com/mojoesec/status/1446202907834077194
https://twitter.com/mojoesec/status/1446170977474420737
https://twitter.com/mojoesec/status/1446170894783614979
https://twitter.com/mojoesec/status/1445094728341594112
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1445084701975265290
https://twitter.com/mojoesec/status/1445084219219357696
https://twitter.com/mojoesec/status/1445081799386927122
https://twitter.com/mojoesec/status/1445081543358222336
https://twitter.com/mojoesec/status/1445081220250062860
https://twitter.com/mojoesec/status/1444836496020738050
https://twitter.com/mojoesec/status/1444027802446073856
https://twitter.com/mojoesec/status/1444027560170594305
https://twitter.com/mojoesec/status/1443582148477263872
https://twitter.com/mojoesec/status/1443027723258056716
https://twitter.com/mojoesec/status/1442532938177028098
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1442531852628086794
https://twitter.com/mojoesec/status/1441476501497548801
https://twitter.com/mojoesec/status/1441097977372631047
https://twitter.com/mojoesec/status/1441097801924952072
https://twitter.com/mojoesec/status/1438954452589944835
https://twitter.com/mojoesec/status/1438929039838924811
https://twitter.com/mojoesec/status/1438928938424733696
https://twitter.com/mojoesec/status/1438676391453773829
https://t.co/wib6lJ03rX
https://reliaquest.wd5.myworkdayjobs.com/ReliaQuest_Careers
https://twitter.com/mojoesec/status/1438586267583893509
https://twitter.com/mojoesec/status/1438313055406931969
https://t.co/UJbuvdMU1r
https://msft.it/6011XTGHN
https://twitter.com/mojoesec/status/1438207798559617029
https://twitter.com/mojoesec/status/1437837557832749073
https://twitter.com/mojoesec/status/1437591892984795144
https://t.co/VmxMQgOAg3
https://github.com/IronNetCybersecurity/IronNetTR/tree/main/cobalt_strike
https://twitter.com/mojoesec/status/1437484737443008517
https://twitter.com/mojoesec/status/1437439142900666370
https://twitter.com/mojoesec/status/1437436176844140552
https://twitter.com/mojoesec/status/1437233416999735298
https://t.co/sHK83tazvw
https://security-soup.net/weekly-news-roundup-september-5-to-september-11/
https://twitter.com/mojoesec/status/1436410897262645255
https://twitter.com/mojoesec/status/1436362650808733703
https://t.co/nd9TUE2UeI
https://t.co/imcz8gbBVd
https://bazaar.abuse.ch/sample/ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a/
https://www.virustotal.com/gui/file/ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a/details
https://twitter.com/mojoesec/status/1435994898759622656
https://twitter.com/mojoesec/status/1435994643062304776
https://twitter.com/mojoesec/status/1435994485008314378
https://twitter.com/mojoesec/status/1435994421112320002
https://twitter.com/mojoesec/status/1435994362140401668
https://twitter.com/mojoesec/status/1435994291411763203
https://twitter.com/mojoesec/status/1435694771641716745
https://t.co/Kl217MdQkN
https://app.any.run/tasks/fcc7aaab-053d-4f9e-bd94-99e8153a68ab/
https://twitter.com/mojoesec/status/1435687234687180802
https://twitter.com/mojoesec/status/1435328134006591490
https://twitter.com/mojoesec/status/1433861491350917121
https://twitter.com/mojoesec/status/1433808806987767808
https://twitter.com/mojoesec/status/1433158210056228866
https://twitter.com/mojoesec/status/1432793909755797507
https://twitter.com/mojoesec/status/1432513276777308160
https://twitter.com/mojoesec/status/1432384551834329090
https://t.co/W4BB0c9oPv
https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/
https://twitter.com/mojoesec/status/1431296324281016327
https://twitter.com/mojoesec/status/1430935371227992064
https://twitter.com/mojoesec/status/1429885247789936640
https://twitter.com/mojoesec/status/1429884822567231490
https://twitter.com/mojoesec/status/1428532120822112262
https://twitter.com/mojoesec/status/1427721353696849928
https://twitter.com/mojoesec/status/1426245686757138433
https://twitter.com/mojoesec/status/1425170316477743109
https://twitter.com/mojoesec/status/1424752750844329985
https://twitter.com/mojoesec/status/1423693886820605960
https://twitter.com/mojoesec/status/1423685534564720643
https://twitter.com/mojoesec/status/1423471174206558210
https://t.co/Y1HkYeEVqO
https://michaelkoczwara.medium.com/cobalt-strike-hunting-malleable-c2-jquery-profile-rundll32-analysis-a0977f59dbfc
https://twitter.com/mojoesec/status/1423388128224686082
https://t.co/wxgeovLjE1
https://twitter.com/vxunderground/status/1423336151860002816
https://twitter.com/mojoesec/status/1423387766923186180
https://twitter.com/mojoesec/status/1423361237874880517
https://twitter.com/mojoesec/status/1423098234868834305
https://t.co/ndrsdB7jlb
https://unit42.paloaltonetworks.com/unit42-pulling-back-the-curtains-on-encodedcommand-powershell-attacks/
https://twitter.com/mojoesec/status/1422634206400745478
https://twitter.com/mojoesec/status/1422339005245448195
https://twitter.com/mojoesec/status/1422163925177708547
https://twitter.com/mojoesec/status/1421996228607365125
https://twitter.com/mojoesec/status/1421198691742986243
https://twitter.com/mojoesec/status/1420558901620232195
https://twitter.com/mojoesec/status/1420556449244237824
https://twitter.com/mojoesec/status/1420552289731944448
https://twitter.com/mojoesec/status/1420463077565292550
https://twitter.com/mojoesec/status/1420196363061628936
https://twitter.com/mojoesec/status/1420149946544705536
https://twitter.com/mojoesec/status/1419985509993095172
https://twitter.com/mojoesec/status/1419836728567861253
https://t.co/ZtBf3QUPlt
https://hausec.com/2021/07/26/cobalt-strike-and-tradecraft/
https://twitter.com/mojoesec/status/1419746895707185153
https://twitter.com/mojoesec/status/1419340114673770500
https://twitter.com/mojoesec/status/1419339693666230279
https://twitter.com/mojoesec/status/1419119412133736448
https://twitter.com/mojoesec/status/1418625292105654275
https://twitter.com/mojoesec/status/1418390594859245568
https://twitter.com/mojoesec/status/1418384838181244932
https://twitter.com/mojoesec/status/1418380023422144516
https://twitter.com/mojoesec/status/1418351923728633868
https://twitter.com/mojoesec/status/1418296103133396995
https://twitter.com/mojoesec/status/1418265696547508225
https://twitter.com/mojoesec/status/1418022297936482310
https://t.co/kGFO9P0xRI
https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003/
https://twitter.com/mojoesec/status/1418017737331417088
https://twitter.com/mojoesec/status/1417934041731538946
https://twitter.com/mojoesec/status/1417922397127299074
https://twitter.com/mojoesec/status/1417844741492912130
https://twitter.com/mojoesec/status/1417653376607784962
https://twitter.com/mojoesec/status/1417574273988931585
https://twitter.com/mojoesec/status/1417297640920911874
https://twitter.com/mojoesec/status/1417197703147184130
https://twitter.com/mojoesec/status/1416082679217467394
https://twitter.com/mojoesec/status/1415844467911839745
https://twitter.com/mojoesec/status/1415746641945112580
https://twitter.com/mojoesec/status/1415485571884101633
https://twitter.com/mojoesec/status/1415479430391140353
https://twitter.com/mojoesec/status/1415377510553030659
https://twitter.com/mojoesec/status/1415122801724436483
https://twitter.com/mojoesec/status/1415062332246536193
https://twitter.com/mojoesec/status/1415028215895281670
https://twitter.com/mojoesec/status/1414763543300300800
https://twitter.com/mojoesec/status/1414642918338478082
https://twitter.com/mojoesec/status/1412862325757972485
https://twitter.com/mojoesec/status/1412457393682792452
https://twitter.com/mojoesec/status/1412225236137820165
https://twitter.com/mojoesec/status/1411858478562484224
https://twitter.com/mojoesec/status/1411073637969432581
https://twitter.com/mojoesec/status/1411072172249038851
https://twitter.com/mojoesec/status/1410946269711831040
https://twitter.com/mojoesec/status/1410785468225134597
https://twitter.com/mojoesec/status/1410781085756268544
https://twitter.com/mojoesec/status/1410779750424100870
https://twitter.com/mojoesec/status/1410728109955948550
https://twitter.com/mojoesec/status/1410642655881707523
https://twitter.com/mojoesec/status/1410302139809861633
https://twitter.com/mojoesec/status/1410048716850053126
https://twitter.com/mojoesec/status/1409539083446194177
https://twitter.com/mojoesec/status/1408122566682808329
https://twitter.com/mojoesec/status/1407790363113316356
https://twitter.com/mojoesec/status/1407661663927648256
https://twitter.com/mojoesec/status/1407425186052378624
https://twitter.com/mojoesec/status/1407030448052740098
https://twitter.com/mojoesec/status/1405590821924052992
https://twitter.com/mojoesec/status/1405212656211054593
https://twitter.com/mojoesec/status/1404479000051847176
https://twitter.com/mojoesec/status/1404478448232550401
https://twitter.com/mojoesec/status/1403417437190725634
https://twitter.com/mojoesec/status/1403417258181988352
https://twitter.com/mojoesec/status/1403072399860506638
https://twitter.com/mojoesec/status/1402707407072071682
https://twitter.com/mojoesec/status/1402344150092201988
https://twitter.com/mojoesec/status/1401989689381429253
https://twitter.com/mojoesec/status/1398088278478364674
https://twitter.com/mojoesec/status/1397362587411562496
https://twitter.com/mojoesec/status/1397308990405681153
https://twitter.com/mojoesec/status/1397006349167386625
https://twitter.com/mojoesec/status/1396642075739885579
https://t.co/HljKtc9nBx
https://blog.menasec.net/2021/05/hunting-for-suspicious-usage-of.html
https://twitter.com/mojoesec/status/1395557135958880259
https://twitter.com/mojoesec/status/1394830883966922754
https://twitter.com/mojoesec/status/1394743529109401600
https://twitter.com/mojoesec/status/1393284558750093316
https://twitter.com/mojoesec/status/1393011127035039750
https://twitter.com/mojoesec/status/1392661067717824515
https://twitter.com/mojoesec/status/1392648862687502336
https://twitter.com/mojoesec/status/1392568977025552391
https://twitter.com/mojoesec/status/1392557815873552384
https://twitter.com/mojoesec/status/1392180045616144387
https://twitter.com/mojoesec/status/1390378348732428289
https://twitter.com/mojoesec/status/1389764410739249153
https://twitter.com/mojoesec/status/1389762078769131530
https://twitter.com/mojoesec/status/1389756701960769538
https://twitter.com/mojoesec/status/1389400634420510720
https://twitter.com/mojoesec/status/1388200745342808065
https://twitter.com/mojoesec/status/1387949656244621312
https://t.co/B47Rc9NOFz
https://t.co/8bV7yOw5Oj
https://www.mdsec.co.uk/2020/09/i-like-to-move-it-windows-lateral-movement-part-1-wmi-event-subscription/
https://www.mdsec.co.uk/2020/09/i-like-to-move-it-windows-lateral-movement-part-2-dcom/
https://twitter.com/mojoesec/status/1387484206754791424
https://twitter.com/mojoesec/status/1387227389894270982
https://twitter.com/mojoesec/status/1387222929176469504
https://t.co/OgUbhot37O
https://link.medium.com/kalvvsQvNfb
https://twitter.com/mojoesec/status/1387213193915797511
https://twitter.com/mojoesec/status/1387211266721189888
https://twitter.com/mojoesec/status/1387121872039469060
https://twitter.com/mojoesec/status/1386773404485922821
https://twitter.com/mojoesec/status/1386772045309034498
https://twitter.com/mojoesec/status/1385701373589827586
https://twitter.com/mojoesec/status/1385406042624905216
https://twitter.com/mojoesec/status/1385404632495759365
https://twitter.com/mojoesec/status/1385404310058676227
https://twitter.com/mojoesec/status/1384959686567464961
https://twitter.com/mojoesec/status/1384675495384584196
https://twitter.com/mojoesec/status/1384675185194901506
https://twitter.com/mojoesec/status/1384673228191408133
https://t.co/TV3IRXR56Q
https://www.fireeye.com/blog/threat-research/2021/04/zero-day-exploits-in-sonicwall-email-security-lead-to-compromise.html
https://twitter.com/mojoesec/status/1384672822585438211
https://twitter.com/mojoesec/status/1384615076489924613
https://twitter.com/mojoesec/status/1384232973428355079
https://twitter.com/mojoesec/status/1384232156046630921
https://twitter.com/mojoesec/status/1383963933367672834
https://t.co/jVZNPjRAwJ
https://isc.sans.edu/diary/27322
https://twitter.com/mojoesec/status/1383962303976988672
https://twitter.com/mojoesec/status/1382414995670106115
https://twitter.com/mojoesec/status/1382380383958937602
https://twitter.com/mojoesec/status/1382154662770585604
https://t.co/u2IlrBp86w
https://labs.f-secure.com/blog/detecting-exposed-cobalt-strike-dns-redirectors
https://twitter.com/mojoesec/status/1381789103499395072
https://twitter.com/mojoesec/status/1381433802732503040
https://twitter.com/mojoesec/status/1381070387392475136
https://twitter.com/mojoesec/status/1380341042898173955
https://t.co/pjwa7lZMut
https://research.checkpoint.com/2021/irans-apt34-returns-with-an-updated-arsenal/
https://twitter.com/mojoesec/status/1380340407146536961
https://t.co/41LYkdR2IY
https://blog.redbluepurple.io/windows-security-research/kernel-tracing-injection-detection
https://twitter.com/mojoesec/status/1379981239097163779